Could there be an easier way to alert domain registrars about domains being used for scams?
This morning I woke up to a spam SMS message promoting a scam site (see picture). The scam tries to trick people into disclosing their social security number and driver’s license, along with a host of other personal details, to get unemployment payments.
The domain name was registered about a month ago and the Whois record lists someone in Nigeria.
I like to report scams like this to the registrar so they can take action. That’s when things get complicated. The domain is registered at a registrar that’s part of a big domain name company. I know business people there, but I don’t know their abuse contact(s).
So I Googled the registrar and “abuse” and found a contact form. I filled it out and submitted information about the scam website.
This got me thinking that there has to be a better way. Taking down obvious scam websites quickly is important for the health of our industry. It would be helpful if there were a way to submit abuse complaints at a centralized level rather than registrar-by-registrar. One site to submit complaints that immediately forwards the complaint to the registrar according to Whois.
I imagine that security companies have direct lines into registrars to report abuse and this is probably streamlined. But as an individual reporter, it would be nice to have a system I could submit through and see the result (what action is taken).